Aggregator
CISA最近将Chrome漏洞标记为被积极利用
2 hours 38 minutes hence
安全客
勒索软件团伙越来越多地使用Skitnet剥削后恶意软件
2 hours 34 minutes hence
安全客
高拒绝服务风险:Tornado的默认解析器暴露应用程序(CVE-2025-47287)
2 hours 20 minutes hence
安全客
FBI警告人工智能语音诈骗冒充美国政府官员
2 hours 18 minutes hence
安全客
严重风险(CVSS9.1):Auth 0-PHP SDK缺陷威胁超过1600万下载量
2 hours 14 minutes hence
安全客
Pwn 2 Own:Firefox被JavaScript黑客攻击Zero-Days -漏洞利用的详细信息
2 hours 11 minutes hence
安全客
人工智能幻觉及其对网络安全运营的风险
2 hours 5 minutes hence
安全客
CrowdStrike和英伟达联合确保企业人工智能部署安全
2 hours 1 minute hence
安全客
VUZ因其在新兴市场和美国的沉浸式视频体验获得1200万美元
1 hour 59 minutes hence
安全客
实力领跑!360获评CNNVD“年度优秀技术支撑单位”等多项荣誉
1 hour 55 minutes hence
安全客
Compromised RVTools Installer Spreading Bumblebee Malware
51 minutes 3 seconds ago
RVTools installer on its official site was found delivering malware. Research shows it spread Bumblebee loader. Users urged to verify downloads.
Deeba Ahmed
Пока весь мир страдает от нехватки медиков, в Тайване за них уже дежурят роботы
56 minutes 52 seconds ago
Foxconn и NVIDIA строят новую медицину прямо сейчас.
Обычная команда INFO в Redis — и вся внутренняя сеть стала криптофермой злоумышленников
1 hour 35 minutes ago
Готовьтесь к утечке CPU, криптовалюте и новым соседям в crontab.
原域名已变更且将在2024年彻底废弃,请访问 https://govuln.com/news/ 查看新的RSS订阅
1 hour 35 minutes ago
原域名已变更且将在2024年彻底废弃,请访问 https://govuln.com/news/ 查看新的RSS订阅
The Crowded Battle: Key Insights from the 2025 State of Pentesting Report
1 hour 37 minutes ago
In the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises (200 from within the USA) to understand the strategies, tactics, and tools they use to cope with the thousands of security alerts, the persisting breaches and the growing cyber risks they have to handle. The findings reveal a complex picture of progress, challenges, and a shifting mindset
The Hacker News
‘Whatever we did was not enough’: How Salt Typhoon slipped through the government’s blind spots
1 hour 37 minutes ago
Seven sources tell CyberScoop that a lack of coordination and miscommunication between federal agencies and the telecommunications industry left critical networks exposed to the Chinese hacking group.
The post ‘Whatever we did was not enough’: How Salt Typhoon slipped through the government’s blind spots appeared first on CyberScoop.
Greg Otto
CVE-2022-29623 | Connect-Multiparty 2.2.0 PDF File unrestricted upload (EUVD-2022-33953)
2 hours 3 minutes ago
A vulnerability was found in Connect-Multiparty 2.2.0 and classified as critical. Affected by this issue is some unknown functionality of the component PDF File Handler. The manipulation leads to unrestricted upload.
This vulnerability is handled as CVE-2022-29623. The attack can only be done within the local network. There is no exploit available.
vuldb.com
CVE-2023-45159 | 1E Client on Windows link following
2 hours 3 minutes ago
A vulnerability was found in 1E Client on Windows and classified as critical. This issue affects some unknown processing. The manipulation leads to link following.
The identification of this vulnerability is CVE-2023-45159. The attack needs to be approached locally. There is no exploit available.
vuldb.com
CVE-2023-45160 | 1E Client file access (Q23094)
2 hours 3 minutes ago
A vulnerability was found in 1E Client and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to files or directories accessible.
This vulnerability is handled as CVE-2023-45160. The attack may be launched remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com